IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Handle case when trusted domain user access the Web UI

Browse Source 
WebUI catches the fact that the user can't access LDAP server with a current ticket. It shows form-based auth login dialog. Previoustly an ugly error was returned on an almost empty page, and user had no recourse.

https://fedorahosted.org/freeipa/ticket/2897
This commit is contained in:
Petr Vobornik 2012-08-09 14:16:58 +02:00 committed by Martin Kosek
parent ade68ec94f
commit be144da672
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
install/ui/ipa.js
View File

@ -55,6 +55,8 @@ var IPA = function() {
that.network_call_count = 0; that.network_call_count = 0;
that.ui = {};
/* initialize the IPA JSON-RPC helper */ /* initialize the IPA JSON-RPC helper */
that.init = function(params) { that.init = function(params) {
@ -190,7 +192,10 @@ var IPA = function() {
objects, objects,
commands commands
], ],
on_success: params.on_success, on_success: function(data, text_status, xhr) {
IPA.ui.initialized = true;
params.on_success.call(this, data, text_status, xhr);
},
on_error: params.on_error on_error: params.on_error
}); });
@ -308,10 +313,12 @@ IPA.get_credentials = function() {
function error_handler(xhr, text_status, error_thrown) { function error_handler(xhr, text_status, error_thrown) {
status = xhr.status; status = xhr.status;
IPA.ui.logged_kerberos = false;
} }
function success_handler(data, text_status, xhr) { function success_handler(data, text_status, xhr) {
status = xhr.status; status = xhr.status;
IPA.ui.logged_kerberos = true;
} }
var request = { var request = {
@ -379,6 +386,7 @@ IPA.login_password = function(username, password) {
function success_handler(data, text_status, xhr) { function success_handler(data, text_status, xhr) {
result = 'success'; result = 'success';
IPA.ui.logged_password = true;
} }
function error_handler(xhr, text_status, error_thrown) { function error_handler(xhr, text_status, error_thrown) {
@ -392,6 +400,8 @@ IPA.login_password = function(username, password) {
result = 'expired'; result = 'expired';
} }
} }
IPA.ui.logged_password = false;
} }
var data = { var data = {
@ -730,6 +740,16 @@ IPA.command = function(spec) {
error_thrown.message = error_msg; error_thrown.message = error_msg;
} }
// global specical cases error handlers section
// With trusts, user from trusted domain can use his ticket but he
// doesn't have rights for LDAP modify. It will throw internal errror.
// We should offer form base login.
if (xhr.status === 500 && IPA.ui.logged_kerberos && !IPA.ui.initialized) {
auth_dialog_open(xhr, text_status, error_thrown);
return;
}
if (that.retry) { if (that.retry) {
dialog_open.call(this, xhr, text_status, error_thrown); dialog_open.call(this, xhr, text_status, error_thrown);